Tuesday, 3 November 2015
WhatsApp, one of the most popular online calling apps, has been exposed by a group of researchers who identified how app’s internal protocol is storing call duration and personal information of the participants.
Though, WhatsApp has never claimed itself to be an anonymous calling service but this new research has unveiled new information on how the app’s communication systems have been powered.
According to the researchers at the University of New Haven, WhatsApp uses FunXMPP protocol (deviated version of XMPP) XMPP has been used by Google for one its communication services, the Gtalk.
The researchers also analyzed the exchanges of messages between the Android phone and WhatsApp server. What they found was that WhatsApp has set up a complete system of gathering the data.
First they authenticated the users involved in the call and then a communication channel was setup using Opus codec at 8 or 16 KHz. After this, they established the call’s relay servers and endpoint IP addresses.
The scraping of data doesn’t end here; researchers were able to identify the app sending Metadata like phones number, timestamp, audio codec for the call and the call duration to its servers.
Read More ..
